Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bwB5C4mYoDWcOeYSBYagO0qGh24.roa
File: bwB5C4mYoDWcOeYSBYagO0qGh24.roa (raw, json)
Hash identifier: QeXA+GiivHecp7jibwcgq+41XtSu33r7NHv1ywFoTI8=
Subject key identifier: 6F:00:79:0B:89:98:A0:35:9C:39:E6:12:05:86:A0:3B:4A:86:87:6E
Certificate issuer: /CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Certificate serial: 018DDE0863C90EBC95FD329B1E01B697CB66
Authority key identifier: D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bwB5C4mYoDWcOeYSBYagO0qGh24.roa
Signing time: Sun 25 Feb 2024 02:11:48 +0000
ROA not before: Sun 25 Feb 2024 02:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2121
IP address blocks: 193.0.24.0/21 maxlen: 21
2001:67c:64::/48 maxlen: 48
2001:67c:64:ffff:0:18d:c109:b478/128 maxlen: 128
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:de:08:63:c9:0e:bc:95:fd:32:9b:1e:01:b6:97:cb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3b3da3ecb8a7d433de38338667b35e68df73f8c
Validity
Not Before: Feb 25 02:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f00790b8998a0359c39e6120586a03b4a86876e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7c:d3:55:9f:14:71:84:ca:5e:0d:09:55:b4:
aa:2e:64:70:d4:59:42:bb:8e:7e:99:1e:3a:57:5a:
b0:34:70:03:7b:da:50:04:12:53:07:b0:80:95:ff:
4e:dd:c5:65:c7:33:56:2f:bb:0e:21:7f:ab:19:5f:
2a:34:56:68:b8:e9:38:da:d4:df:37:bb:2f:e5:6e:
a9:ec:f1:83:3d:55:16:98:ae:2d:7f:08:b0:cc:42:
ac:25:12:0c:07:42:a6:f3:6c:d0:54:f4:73:e8:e0:
69:3a:21:bf:e4:1f:f0:a2:76:94:01:12:6b:31:4b:
06:99:c2:30:5f:2e:59:c6:d2:5d:4c:75:43:a5:ca:
53:6c:29:b0:f9:5f:c2:a6:46:a2:e8:3f:fd:6c:96:
5a:ad:c8:ae:4e:b4:c2:ce:c9:5e:5e:b1:4c:6f:da:
cd:f7:14:7b:18:75:c1:2f:9e:c5:fd:f6:55:3f:f8:
0c:b8:1e:0b:88:c8:4e:d0:29:d2:5f:a6:a4:ee:9b:
57:d0:b8:5d:87:71:cb:eb:82:8d:cf:ca:f8:77:75:
75:2a:d1:2c:60:68:06:74:04:22:3e:97:cb:dd:76:
37:97:0b:a4:51:a8:fc:64:f0:6a:fa:aa:47:3a:25:
c1:65:5a:49:da:91:af:cb:8b:0f:02:10:69:e9:12:
99:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:00:79:0B:89:98:A0:35:9C:39:E6:12:05:86:A0:3B:4A:86:87:6E
X509v3 Authority Key Identifier:
keyid:D3:B3:DA:3E:CB:8A:7D:43:3D:E3:83:38:66:7B:35:E6:8D:F7:3F:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/07PaPsuKfUM944M4Zns15o33P4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/bwB5C4mYoDWcOeYSBYagO0qGh24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/e0520d-9ba6-41a3-8f87-c53979d66ca5/1/07PaPsuKfUM944M4Zns15o33P4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.24.0/21
IPv6:
2001:67c:64::/48
Signature Algorithm: sha256WithRSAEncryption
a2:eb:7a:1b:76:80:81:ee:f0:b3:ee:f8:af:92:d4:1d:f0:ea:
23:dd:74:fc:9c:61:fc:71:af:6e:56:8d:de:71:3c:a7:27:73:
68:36:d7:e8:1c:94:d9:c8:7c:39:f6:a5:57:8d:d1:70:c6:68:
75:a4:8b:20:7e:b6:04:99:5f:c1:68:c5:ba:dc:e1:c4:29:00:
31:c8:89:07:31:a9:55:78:4a:d4:08:0e:bb:7a:9d:5f:05:d4:
1a:a4:0a:6a:52:8c:5f:38:a0:cf:c8:e1:03:f6:7b:a0:ff:53:
f9:38:e0:c2:bc:d0:f0:77:93:ad:46:96:94:4b:79:90:72:a5:
58:64:a8:c5:28:cb:1f:f0:d5:91:70:97:d7:eb:47:56:82:9f:
31:3a:6c:ca:91:0f:e2:fd:f9:62:f7:e2:92:43:9f:3d:34:7a:
40:eb:e3:23:7b:7e:7b:ad:cd:81:7b:c6:4e:ae:47:1c:f9:cb:
92:6f:18:31:b6:ff:07:18:46:44:7e:8a:f1:83:fd:c8:53:ab:
f1:95:1f:8e:28:ac:21:00:47:13:50:d1:01:85:5f:8e:6a:79:
c9:3e:ed:7d:88:9a:97:d1:25:b1:e0:0e:30:e0:ae:95:f1:99:
c9:f8:21:84:dd:de:0e:13:d2:5e:5f:2b:42:d6:49:49:91:7a:
05:0b:0c:e1
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3eCGPJDryV/TKbHgG2l8tmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYjNkYTNlY2I4YTdkNDMzZGUzODMzODY2N2IzNWU2OGRm
NzNmOGMwHhcNMjQwMjI1MDIxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAwNzkwYjg5OThhMDM1OWMzOWU2MTIwNTg2YTAzYjRhODY4NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3zTVZ8UcYTKXg0JVbSqLmRw1FlC
u45+mR46V1qwNHADe9pQBBJTB7CAlf9O3cVlxzNWL7sOIX+rGV8qNFZouOk42tTf
N7sv5W6p7PGDPVUWmK4tfwiwzEKsJRIMB0Km82zQVPRz6OBpOiG/5B/wonaUARJr
MUsGmcIwXy5ZxtJdTHVDpcpTbCmw+V/Cpkai6D/9bJZarciuTrTCzsleXrFMb9rN
9xR7GHXBL57F/fZVP/gMuB4LiMhO0CnSX6ak7ptX0Lhdh3HL64KNz8r4d3V1KtEs
YGgGdAQiPpfL3XY3lwukUaj8ZPBq+qpHOiXBZVpJ2pGvy4sPAhBp6RKZ8QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG8AeQuJmKA1nDnmEgWGoDtKhoduMB8GA1UdIwQY
MBaAFNOz2j7Lin1DPeODOGZ7NeaN9z+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODct
YzUzOTc5ZDY2Y2E1LzEvYndCNUM0bVlvRFdjT2VZU0JZYWdPMHFHaDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9lMDUyMGQtOWJhNi00MWEzLThmODctYzUzOTc5ZDY2Y2E1
LzEvMDdQYVBzdUtmVU05NDRNNFpuczE1bzMzUDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDwQAYMA8E
AgACMAkDBwAgAQZ8AGQwDQYJKoZIhvcNAQELBQADggEBAKLreht2gIHu8LPu+K+S
1B3w6iPddPycYfxxr25Wjd5xPKcnc2g21+gclNnIfDn2pVeN0XDGaHWkiyB+tgSZ
X8Foxbrc4cQpADHIiQcxqVV4StQIDrt6nV8F1BqkCmpSjF84oM/I4QP2e6D/U/k4
4MK80PB3k61GlpRLeZBypVhkqMUoyx/w1ZFwl9frR1aCnzE6bMqRD+L9+WL34pJD
nz00ekDr4yN7fnutzYF7xk6uRxz5y5JvGDG2/wcYRkR+ivGD/chTq/GVH44orCEA
RxNQ0QGFX45qeck+7X2ImpfRJbHgDjDgrpXxmcn4IYTd3g4T0l5fK0LWSUmRegUL
DOE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:32 2024 by rpki-client on console-fra.rpki-client.org